Skip to main content


         This documentation site is for previous versions. Visit our new documentation site for current releases.      
 

This content has been archived and is no longer being updated.

Links may not function; however, this content may be relevant to outdated versions of the product.

Restricting access to operator information in public-facing applications

Updated on April 5, 2022

You can restrict all access to data in the Data-Admin-OperatorID class to only the end user’s data through an access control policy.

Before you begin: If you are using a version before Pega 8.2, attribute based access control (ABAC) was disabled by default. To enable this feature, you need to create a dynamic system setting with the value set to true.

To enable ABAC in any version before Pega 8.2, you need to create a dynamic system setting with the following attributes:

  • Short Description: Enable Attribute Based Security
  • Owning Ruleset: Pega-RulesEngine
  • Setting purpose: EnableAttributeBasedSecurity
  • Value: True
  1. In the header of Dev Studio, click CreateSysAdminDynamic System Settings.
  2. Create Access Control Policy Condition rule with below details:
    • Identifier: <Name of your choice>
    • Ruleset: <Any application ruleset where this restriction needs to be enforced>
    • Apply To: Data-Admin-Operator-ID
  3. On the Pages & Classes tab, add OperatorID in the Page Name field, and Data-Admin-Operator-ID in the Class field.
  4. On the Definition tab, enter the following conditions:
    • In the Conditional Logic section, name the condition.
    • In the Policy Conditions section, name the condition the same as the Conditional logic.
    • In the Column source column, select .pyUserIdentifer.
    • In the Relationship column, set it to Is equal.
    • In the Value column, select OperatorID.pyUserIdentifier.
  5. Create Access Control Policy rule with below details
    • Identifier: <Any name of choice>
    • Action: Read
    • Ruleset: <Any ruleset in an application where this restriction needs to be enforced>
    • Apply To: Data-Admin-Operator-ID
  6. On the Definition tab, add the name of the Access Control Policy condition rule created in Step 4.
  • Previous topic Basic requirements for deploying public-facing applications
  • Next topic Understanding project roles and personas

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us